Heavily commented the origin configuration file.
authorwassa <wassa@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Tue, 18 Feb 2003 23:06:58 +0000 (23:06 +0000)
committerwassa <wassa@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Tue, 18 Feb 2003 23:06:58 +0000 (23:06 +0000)
git-svn-id: https://subversion.switch.ch/svn/shibboleth/java-idp/trunk@478 ab3bd59b-922f-494d-bb5f-6f0a3c29deca

webApplication/WEB-INF/classes/conf/origin.properties

index 162c9a5..b0bc8dc 100755 (executable)
-#Full Path to ARP repository
-edu.internet2.middleware.shibboleth.aa.arp.provider.FileSystemArpRepository.Path = /conf/arps/
-edu.internet2.middleware.shibboleth.aa.arp.ArpRepository.implementation = edu.internet2.middleware.shibboleth.aa.arp.provider.FileSystemArpRepository
+###################################################################################
+#
+# Handle Service Configuration
+#
+###################################################################################
 
-edu.internet2.middleware.shibboleth.aa.AAServlet.authorityName = shib2.internet2.edu
-edu.internet2.middleware.shibboleth.aa.AAServlet.ldapUserDnPhrase = uid=
-#edu.internet2.middleware.shibboleth.aa.arp.BaseArpRepository.ArpTTL = 300000
-java.naming.factory.initial=edu.internet2.middleware.shibboleth.aaLocal.EchoCtxFactory
+##### General Configuration #####
 
-#java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
-#java.naming.provider.url = ldap://shib2.internet2.edu/ou=People,dc=internet2,dc=edu
-#java.naming.security.principal =
-#java.naming.security.credentials =
+ # [Required] Name of this Handle Service (usually a dns name)
+ #edu.internet2.middleware.shibboleth.hs.HandleServlet.issuer = shib2.internet2.edu
 
-edu.internet2.middleware.shibboleth.hs.HandleRepository.implementation = edu.internet2.middleware.shibboleth.hs.provider.CryptoHandleRepository
-edu.internet2.middleware.shibboleth.hs.provider.CryptoHandleRepository.keyStoreKeyPassword = shibhs
-edu.internet2.middleware.shibboleth.hs.provider.CryptoHandleRepository.keyStoreKeyAlias = handleKey
-edu.internet2.middleware.shibboleth.hs.provider.CryptoHandleRepository.keyStorePath = /conf/handle.jks
-edu.internet2.middleware.shibboleth.hs.provider.CryptoHandleRepository.keyStorePassword = shibhs
+ # [Required] Authentication scope (usually a dns domain)
+ #edu.internet2.middleware.shibboleth.hs.HandleServlet.authenticationDomain = shibdev.edu
 
+ # [Required] URL at which the corresponding Attribute Authority can be reached
+ #edu.internet2.middleware.shibboleth.hs.HandleServlet.AAUrl = http://snc.cc.columbia.edu/shibboleth/AA
 
-#edu.internet2.middleware.shibboleth.hs.HandleRepository.implementation = edu.internet2.middleware.shibboleth.hs.provider.MemoryHandleRepository
+
+##### Assertion Signing #####
+
+ # [Required] Location of a Java keystore containing an X509 certificate
+ # and matching key.  Used to sign assertions made by this HS
+ #edu.internet2.middleware.shibboleth.hs.HandleServlet.keyStorePath = /conf/keystore.jks
+
+ # [Required] Password for the keystore
+ #edu.internet2.middleware.shibboleth.hs.HandleServlet.keyStorePassword = shibhs
+
+ # [Required] Keystore alias for the private key
+ #edu.internet2.middleware.shibboleth.hs.HandleServlet.keyStoreKeyAlias = shibhs
+
+ # [Required] Password for the private key
+ #edu.internet2.middleware.shibboleth.hs.HandleServlet.keyStoreKeyPassword = shibhs
+
+ # [Optional] Keystore alias for the X509 certificate (Defaults to the private key alias)
+ #edu.internet2.middleware.shibboleth.hs.HandleServlet.certAlias = shibhs
+
+
+###################################################################################
+#
+# Attribute Authority Configuration
+#
+###################################################################################
+
+
+##### General Configuration #####
+
+ # [Required] Name of this Attribute Authority (usually a dns name)
+ #edu.internet2.middleware.shibboleth.aa.AAServlet.authorityName = shib2.internet2.edu
+
+
+##### Data Source #####
+       
+ # [Required] JNDI context implementation to be used for attribute retrieval
+ java.naming.factory.initial=edu.internet2.middleware.shibboleth.aaLocal.EchoCtxFactory
+ #java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
+
+   ### Parameters for com.sun.jndi.ldap.LdapCtxFactory ###
        
-edu.internet2.middleware.shibboleth.hs.BaseHandleRepository.handleTTL = 10000
-edu.internet2.middleware.shibboleth.hs.HandleServlet.issuer = shib2.internet2.edu
-edu.internet2.middleware.shibboleth.hs.HandleServlet.keyStorePath = /conf/keystore.jks
-edu.internet2.middleware.shibboleth.hs.HandleServlet.authenticationDomain = shibdev.edu
-edu.internet2.middleware.shibboleth.hs.HandleServlet.AAUrl = http://snc.cc.columbia.edu/shibboleth/AA
-edu.internet2.middleware.shibboleth.hs.HandleServlet.keyStorePassword = shibhs
-edu.internet2.middleware.shibboleth.hs.HandleServlet.keyStoreKeyAlias = shibhs
-edu.internet2.middleware.shibboleth.hs.HandleServlet.keyStoreKeyPassword = shibhs
-#default is to use key alias
-#edu.internet2.middleware.shibboleth.hs.HandleServlet.certAlias = shibhs
+   # [Required if active] URL of ldap server/search base
+   #java.naming.provider.url = ldap://shib2.internet2.edu/ou=People,dc=internet2,dc=edu
+
+   # [Optional] ldap bind dn
+   #java.naming.security.principal =
+
+   # [Optional] Password for ldap non-anonymous binding
+   #java.naming.security.credentials =
+
+   # [Optional] Name of the ldap attribute that contains the principal 
+   # (Defaults to "uid=") (Use the "uid=%s" form if the principal name is not part of the dn)
+   #edu.internet2.middleware.shibboleth.aa.AAServlet.ldapUserDnPhrase = uid=
+
+
+##### Attribute Release Policies #####
+
+ # [Required] Arp Repository Implementation
+ edu.internet2.middleware.shibboleth.aa.arp.ArpRepository.implementation = edu.internet2.middleware.shibboleth.aa.arp.provider.FileSystemArpRepository
+
+   ### Parameters for edu.internet2.middleware.shibboleth.aa.arp.provider.FileSystemArpRepository ###
+       
+   # [Required if active] Path from which Policies can be loaded
+   edu.internet2.middleware.shibboleth.aa.arp.provider.FileSystemArpRepository.Path = /conf/arps/
+       
+   # [Optional] Time in milliseconds for which Release Policies should be cached
+   # (Defaults to 0 or "no caching")
+   edu.internet2.middleware.shibboleth.aa.arp.BaseArpRepository.ArpTTL = 300000
+
+
+###################################################################################
+#
+# Shared Configuration
+#
+###################################################################################
+
+
+##### Attribute Query Handle Repository #####
+
+ # [Optional] Specifes an implementation to be used for the HS and AA to share AQHs (Defaults to Memory provider)
+ edu.internet2.middleware.shibboleth.hs.HandleRepository.implementation = edu.internet2.middleware.shibboleth.hs.provider.MemoryHandleRepository
+ #edu.internet2.middleware.shibboleth.hs.HandleRepository.implementation = edu.internet2.middleware.shibboleth.hs.provider.CryptoHandleRepository
+
+   ### edu.internet2.middleware.shibboleth.hs.provider.MemoryHandleRepository ###
+
+   # [Optional] Time in milliseconds for which issued AQHs are valid (Defaults to 1800000 or 30 minutes)
+   #edu.internet2.middleware.shibboleth.hs.BaseHandleRepository.handleTTL = 10000
+
+   ### edu.internet2.middleware.shibboleth.hs.provider.CryptoHandleRepository ###
+       
+   # [Required if active] Location of a Java keystore containing an X509 certificate
+   # and matching key.  Used to encrypt the principal's identifiers
+   #edu.internet2.middleware.shibboleth.hs.provider.CryptoHandleRepository.keyStorePath = /conf/handle.jks
+
+   # [Required if active] Password for the keystore
+   #edu.internet2.middleware.shibboleth.hs.provider.CryptoHandleRepository.keyStorePassword = shibhs
+
+   # [Required if active] Keystore alias for the secret key
+   #edu.internet2.middleware.shibboleth.hs.provider.CryptoHandleRepository.keyStoreKeyAlias = handleKey
+
+   # [Required if active] Password for the private key
+   #edu.internet2.middleware.shibboleth.hs.provider.CryptoHandleRepository.keyStoreKeyPassword = shibhs
+
+   # [Optional] Time in milliseconds for which issued AQHs are valid (Defaults to 1800000 or 30 minutes)
+   #edu.internet2.middleware.shibboleth.hs.BaseHandleRepository.handleTTL = 10000
+
+